LMA GUIDANCE FOR MANAGING AGENTS: SENIOR MANAGERS & CERTIFICATION REGIME (SM&CR)

Transcription

1 LMA GUIDANCE FOR MANAGING AGENTS: SENIOR MANAGERS & CERTIFICATION REGIME (SM&CR) AUGUST

2 CONTENTS INTRODUCTION 3 Background 3 SENIOR MANAGERS REGIME 4 Senior Management Functions (SMFs) 4 PRA SMFs 4 Split and Shared Functions 5 Collective responsibility 6 Diversity 6 FCA SMFs 6 Appointed Representatives 7 Duty of Responsibility 7 Prescribed Responsibilities 8 Statements of Responsibility (SOR) 9 Handover procedures 10 Application of conditions and time limits to approvals 10 Key Functions PRA only 10 Key Function Holder 10 Management Responsibilities Map (MRM) 11 CERTIFICATION REGIME 12 Certification Functions 12 PRA Certification Function 12 FCA Certification Function 13 STANDARDS OF CONDUCT 14 PRA Conduct Standards 14 FCA Conduct Rules 15 Notification Requirements 15 PRA requirements 16 FCA requirements 16 Fitness and Propriety 16 Regulatory References 17 FCA Transition from APR 18 Up to commencement 18 Following commencement 18 Other Conduct Rules staff 18 APPENDICES 19 Appendix 1 - PRA documents 19 Appendix 2 - FCA mapping 20 Appendix 3 - Summaries 21 Application summary 21 To Do Lists 22 Which forms to submit 23 2

3 INTRODUCTION This guidance has been designed for Lloyd s managing agents and is intended to highlight certain important aspects of the Senior Managers & Certification Regime (SM&CR) with particular emphasis on the required changes. It is not intended to cover every aspect of the new regime. Managing agents should refer to the relevant Prudential Regulation Authority s (PRA) Rulebooks, Financial Conduct Authority (FCA) Handbook, Policy Statements, Supervisory Statements, Statements of Policy and Consultation Papers along with corresponding European legislation for full details of their regulatory responsibilities. Links to these documents are provided in Appendix 1. The new regime will come into effect on 10 December BACKGROUND Broadly, the pre-senior Insurance Managers Regime (SIMR) Approved Persons Regime remained unchanged since the Financial Services and Markets Act However, following the formation of the PRA and FCA, the PRA committed to reforming the Approved Persons Regime for the banking sector as part of the Financial Services (Banking Reform) Act Whilst the PRA recognised that there were differences between banks and insurers, its intention was to operate a single, consistent regime wherever possible and the SIMR reflects this aim. Starting November 2014, the PRA and FCA issued a joint series of three consultation papers (CP26/14, CP7/15 and CP13/15) proposing changes to the Approved Person Regime 1. In part, the proposed changes were intended to address certain governance and fitness & propriety requirements under the SII Directive. Through its consultation process, the PRA proposed: a set of PRA Senior Insurance Management Functions; rules on the allocation of responsibilities to senior insurance managers including a set of Prescribed Responsibilities ; rules requiring the notification and fit and proper assessment of individuals responsible for key functions ; rules describing how firms should assess the fitness and propriety of SIMFs and persons performing key functions; and a set of specific Conduct Standards to be applied to all SIMFs and key function holders, and a set of generic conduct standards to be applied for all persons performing a key function. The regulators later published Policy Statements (PS3/15) and (PS22/15) which included new rules setting out the regime. Published alongside PS22/15 was a Supervisory Statement (SS35/15) which set out the PRA s expectations of firms in relation to the regime. The PRA s SIMR applied to managing agents along with the FCA s Approved Persons Regime. Amendments to the Financial Services and Markets Act 2000 (FSMA) and enactment of the Financial Services Act 2016 (the 2016 Act) obligated regulators to extend the SM&CR to all regulated firms. The PRA and FCA published final rules on 4 July The additional requirements for insurers are modest due to their current compliance with the SIMR. In addition, the FCA published an SM&CR guide for insurers on 5 July The LMA responded to each consultation. All LMA responses to regulatory consultations can be found on the LMA website. 3

4 SENIOR MANAGERS REGIME SENIOR MANAGEMENT FUNCTIONS (SMFS) These are the controlled functions which have been designated as Senior Management Functions (SMFs). Persons who hold an SMF (Senior Managers) are the most senior people in a firm and require pre-approval from the PRA/FCA to carry out these functions. PRA SMFs The PRA is amending its terminology (removal of insurance in SIMF and gender based language) and have created two additional SMFs: Chief Operations Officer (SMF24) - the most senior individual responsible for managing the internal operations and technology of a firm. This is the only SMF where responsibility can be split, as opposed to shared (see below) between up to three people provided that the split accurately reflects the relevant firm s organisational structure and that comprehensive responsibility for operations and technology is not undermined. Allocation of this SMF is dependent upon the nature, scale and complexity of a firm s internal operations. Head of Key Business Area (SMF6) - those individuals who are responsible for the management of business areas and divisions that are sufficiently large and complex to have a potential impact upon the firm s safety and soundness. This SMF only applies in respect of large firms (annual premium income > 1 billion or with assets related to regulatory activities of > 10 billion). Therefore, unlikely to apply to the majority of managing agents. Controlled Function SMF1 SMF2 Chief Executive Officer Chief Finance Officer PRA Senior Management Functions - Executive Definition The function of having responsibility, under the immediate authority of the governing body, alone or jointly with others, for carrying out the management of the conduct of the whole of the business (or relevant activities) of a firm. The function of having responsibility for the management of the financial resources of a firm and reporting to the governing body of a firm in relation to its financial affairs. SMF4 Chief Risk Officer The function of having responsibility for overall management of the risk management system specified in Conditions Governing Business 3. SMF5 Head of Internal Audit The function of having responsibility for management of the internal audit function specified in Conditions Governing Business 5. Note: insurers that are not significant and which elect to outsource their internal audit function to a third party are required to allocate a new Prescribed Responsibility to one of their nonexecutive directors who performs a SIMF or an FCA governing function, such as the Chair of the Audit Committee (SIMF11), for providing for an effective internal audit function and overseeing the performance of the internal audit function. 4

5 Controlled Function SMF6 NEW SMF7 SMF9 SMF10 SMF11 SMF12 SMF14 Head of Key Business Area (unlikely to apply to the majority of managing agents.) Not intended to encompass individuals who are already acting in another SMF role Group Entity Senior Manager Chair of the Governing Body Chair of Risk Committee Chair of Audit Committee Chair of Remuneration Committee Senior Independent Director PRA Senior Management Functions - Executive Definition The function of having responsibility for management of a business area or division of a firm where: (1) the relevant business area or division of the firm accounts for more than 20% of the firm s gross revenue; and (2) the person performing that function does not report to a person performing the Head of Key Business Area function in respect of that same business area or division of the firm; and (3) either the gross total assets or the technical provisions of the relevant business area or division of the firm exceed 10 billion. The function of having a significant influence on the management or conduct of one or more aspects of the affairs of a firm in relation to its regulated activities (other than in the course of the performance of another PRA senior management function) and which is performed by a person employed by, or an officer of i) a parent undertaking or holding company of a firm; or ii) another undertaking which is a member of the firm s group. The function of having responsibility for chairing, and overseeing the performance of the role of, the governing body of a firm. The function of having responsibility for chairing, and overseeing the performance of any committee responsible for the oversight of the risk management system specified in Conditions Governing Business 3. The function of having responsibility for chairing, and overseeing the performance of any committee responsible for the oversight of the internal audit system specified in Conditions Governing Business 5. The function of having responsibility for chairing, and overseeing the performance of any committee responsible for the oversight of the design or implementation of the remuneration policies and practices of a firm. The function of performing the role of a senior independent director, and having particular responsibility for leading the assessment of performance of the person performing the Chairman of the Governing Body function. SMF20 Chief Actuary The function of having responsibility for the actuarial function specified in Conditions Governing Business 6. SMF23 SMF24 NEW Chief Underwriting Officer Chief Operations Officer The function of having responsibility, in respect of the firm s general insurance business, for the underwriting decisions in respect of material insurance risks that, in relation to managing agents, are borne by members. The function of having responsibility for the internal operations and technology of a firm. Split and shared functions In certain circumstances, a managing agent may be allowed to have more than one individual responsible for a single SMF where appropriate and justified. Where two or more individuals share an SMF, each will be deemed fully accountable for all the responsibilities inherent in, or allocated to that SMF (excepting SMF24 which is the only SMF where the responsibilities can be split between two to three individuals). 5

6 A person who performs SMF9 must not perform SMF1 within the same firm. A member of a group must ensure that a group executive does not perform SMF9, SMF10, SMF11, SMF12 and SMF14 in respect of the firm. The PRA expects to see a clear explanation and justification for how the relevant responsibilities are allocated or shared between the individuals responsible for the SMF, along with the reporting lines and lines of responsibility for each individual. Further details can be found in the PRA Supervisory Statement 35/15 and the PRA Rulebook Insurance - Senior Management Functions Collective Responsibility The PRA views the SM&CR and its application as consistent with the principle of collective decisionmaking. The SMR co exists with the statutory and fiduciary duties of directors under UK company law and domestic and international corporate governance standards. The SM&CR clarifies and formalises individual responsibilities. For guidance, refer to the PRA Supervisory Statement SS5/16 on Corporate governance: Board responsibilities. Diversity The PRA introduced additional rules, with effect from Monday 9 April 2018, in respect of PRA Rulebook - Conditions Governing Business: A firm must: engage a broad set of qualities and competences when recruiting members to the board; and put in place a policy promoting diversity on the board. If the firm maintains a website it must explain on that website how it complies with the above requirements. FCA SMFs NEW The FCA is proposing to replace the controlled functions under the revised APR with the following SMFs in addition to the PRA SMFs. Although other SMFs are being introduced, they are unlikely to apply to managing agents. FCA Senior Management Functions - Executive Controlled Function SMF3 (CF1) SMF16 NEW SMF17 (CF11) SMF18 NEW Executive Director Compliance Oversight Extended to include GI Money Laundering Reporting Officer Not applicable to general insurance Other Overall Responsibility Definition The function of acting in the capacity of a director (other than a non-executive director) of the firm. The function of acting in the capacity of a person who is allocated the function in SYSC 3.2.8R (having responsibility for oversight of the firm s compliance and reporting to the governing body in respect of that responsibility). The function of acting in the capacity of the money laundering reporting officer of a firm. The function of having overall responsibility for an activity, business area or management function of the firm. 6

7 Controlled Function SMF23b NEW Conduct Risk Oversight Officer (Lloyd s only) Not applicable to managing agents Controlled Function SMF13 (CF2a) Chair of Nominations Committee FCA Senior Management Functions - Executive Definition The function of having responsibility for overseeing the conduct of business standards required of managing agents. FCA Senior Management Functions - Non-Executive Definition The two new SMFs relevant to managing agents are: The function of acting in the capacity of the chair of that committee. Other Overall Responsibility (SMF18) those individuals with overall responsibility for an activity, business area or management function of the firm (only when they do not hold another SMF). Overall responsibility means a Senior Manager will have primary and direct responsibility for briefing and reporting to the board about that activity, areas or function and for putting matters for decision about that activity, area or function to the board. In PS18/15, the FCA states that it has not made final rules regarding SMF18 and Heads of Legal/General Counsels. The FCA states that it will consult further on this in due course. Compliance Oversight (SMF16) the most senior individual with overall oversight of the firm s compliance with FCA requirements. Refer to Appendix 2 for the proposed mapping of current Approved Persons in controlled functions to the FCA SMFs. Where conversion of a current controlled function to a SMF is not possible, the existing approval will lapse upon implementation of the new regime. However, these roles may fall into the Certification Regime (refer to the Certification Regime section on page 12). Again, the sharing of SMFs is permitted, where appropriate and justified. Where two or more individuals share a SMF, each will be deemed fully accountable for all the responsibilities inherent in, or allocated to, that SMF. Whereas the FCA has extended application of the Compliance controlled function to include general insurers, it has confirmed (in its near final rules) that is not introducing any new requirements on firms to have an MLRO. Firms only need to have an MLRO SMF if the Money Laundering Regulations apply to them. However, they still need to have appropriate systems and controls to prevent financial crime. Further details can be found in the FCA Sourcebook SUP 10. Appointed Representatives The provisions of the Approved Persons Regime still apply to Appointed Representatives (ARs). Principal firms remain fully responsible for their ARs adherence to the FCA s rules. The FCA are expected to consult on the approach under SM&CR for Approved Persons of ARs. However, the timescale for consultation is not known. DUTY OF RESPONSIBILITY NEW Every Senior Manager will have a duty of responsibility under FSMA. This means that if a firm breaches a regulatory requirement, the Senior Manager responsible for that area could be held accountable along with the firm if they did not take reasonable steps to prevent or stop the breach. 7

8 The burden of proof lies with the PRA/FCA to show that the Senior Manager did not take the steps a person in their position could reasonably be expected to take to avoid the firm s breach occurring (or continuing). In doing so, they will need to assess (a) the steps that the specific Senior Manager actually took, against (b) the steps the FCA/PRA considers they could have been reasonably expected to take. The PRA sets out its expectations in Supervisory Statement 35/15 and the FCA in CP17/42 on how they propose to apply this new duty in practice. PRESCRIBED RESPONSIBILITIES Prescribed responsibilities are a set of specific responsibilities that a managing agent is required to allocate to a Senior Manager. The PRA is introducing four additional prescribed responsibilities in respect of the SM&CR and outsourced operations in conjunction with the FCA s intention to establish additional prescribed responsibilities as detailed below: Prescribed Responsibilities The firm s performance of its obligations under the senior management regime NEW The firm s performance of its obligations under the certification regime NEW Compliance with the firm s obligations in relation to its management responsibilities map NEW Ensuring that the firm has complied with its obligations in Insurance - Fitness and Propriety to: (a) ensure that every person who performs a key function but does not also perform a PRA senior management function or a certification function is a fit and proper person; and (b) provide and obtain regulatory references Leading the development of the firm s culture by the governing body as a whole Overseeing the adoption of the firm s culture in the day-to-day management of the firm The production and integrity of the firm s financial information and its regulatory reporting Management of the allocation and maintenance of the firm s: (a) capital; and (b) liquidity The development and maintenance of the firm s business model by the governing body Performance of the firm s ORSA Leading the development and monitoring effective implementation of policies and procedures for the induction, training and professional development of all members of the firm s governing body Monitoring effective implementation of policies and procedures for the induction, training and professional development of all of the firm s key function holders (other than members of the firm s governing body; PRA, FCA or shared Shared Shared Shared PRA PRA PRA PRA PRA PRA PRA Shared Shared Allocation SMF (other than SMF18) SMF9 SMF (other than SMF18) SMF (other than SMF18) SMF (other than SMF18) SMF9 SMF (other than SMF18) 8

9 Prescribed Responsibilities PRA, FCA or shared Allocation Oversight of the independence, autonomy and effectiveness of the firm s policies and procedures on whistleblowing including the procedures for protection of staff who raise concerns from detrimental treatment Overseeing the development and implementation of the firm s remuneration policies and practices The firm s performance of its obligations in respect of outsourced operational functions and activities under Conditions Governing Business NEW Responsibility for the firm s obligations in relation to conduct rules (COCON)for training and reporting NEW For the firm s policies and procedures for countering the risk that the firm might be used to further financial crime NEW Shared PRA PRA FCA FCA NED SMF SMF12 SMF (other than SMF18) SMF11 for outsourced Internal Audit SMF (other than SMF18) SMF (other than SMF18) Compliance with CASS NEW Not applicable to managing agents FCA SMF Each prescribed responsibility should normally be held by only one person, i.e. the most senior person responsible. The PRA and FCA have proposed additional guidance on their expectations in respect of firms ability to share prescribed responsibilities in Supervisory Statement 35/15 and CP17/26 respectively. The FCA is proposing to allow for their prescribed responsibilities to be divided, or shared, where appropriate. Firms will only be able to divide or share a prescribed responsibility in limited circumstances where they can show that this is appropriate and justifiable. STATEMENTS OF RESPONSIBILITY (SOR) Scope of Responsibility documents are to be renamed Statements of Responsibility (SoR) and will require drafting/updating for the new SMF and prescribed responsibilities. The SoR is a document that is required to be kept up to date for all Senior Managers. It should clearly set out a Senior Manager s role and what they are responsible for. There is a standard SoR template to use, which must be submitted to the PRA/FCA for all new approvals. SoRs will also need submitting to the FCA/PRA following any significant change. Each version of the SoR must be retained for a period of ten years from the date on which it was superseded by a more up-to-date record. The PRA sets out its expectations for SoRs in Supervisory Statement 35/15 and the FCA in Sourcebook SUP 10C.11. 9

10 HANDOVER PROCEDURES NEW Managing agents need to take all reasonable steps to ensure that a person taking on a Senior Manager role or new Senior Manager responsibility has all the information and materials they could reasonably expect to have in order to do their job effectively. A written policy must be in place and followed along with an audit trail of the steps taken to comply in each case. When someone is taking over an SMF from someone else, the FCA suggests a handover note might satisfy the above requirement. The FCA does not provide any guidance on what a handover note might contain and so managing agents should consider developing their own views now and reflecting those views in internal procedures, including those for departing staff. APPLICATION OF CONDITIONS AND TIME LIMITS TO APPROVALS The PRA and FCA have the right to apply conditions and/or time limits to any SMF approvals given to an individual. The PRA is consulting on a consolidated Statement of Policy (SoP), Conditions, time limits, and variations of approval which explains how the PRA proposes to exercise its ability to apply such conditions or time limits, or to vary any approvals given to an individual to be appointed as a senior manager. The FCA has proposed adding a statement of policy to the FCA Sourcebook SUP 10C. The PRA and FCA have the right to apply conditions and/or time limits to any SMF approvals given to an individual. KEY FUNCTIONS - PRA ONLY A managing agent must identify, record and keep up to date each of the functions that they consider to be a key function; and any such key function that amounts to effectively running the firm. As a minimum, risk-management, compliance, internal audit and actuarial should be classified as key functions in addition to all of the SMFs. Examples of additional key functions that are of specific importance to the sound and prudent management of the firm could be investment, claims management, operational systems and controls, IT and reinsurance (if separate from the other key functions). Key Function Holder (KFH) The relevant individuals responsible for these key functions are termed key function holders (KFH) and the PRA expects that they will report into a very senior figure at the firm, such as the CEO. In cases where there is more than one head of a function, the PRA anticipates that responsibility for a particular key function will be shared between more than one individual. This would be in a similar way, and subject to similar restrictions, to the sharing of responsibilities by two Senior Managers. There is no regulatory pre-approval requirement for KFHs (assuming that they are not otherwise performing a SMF). However, the PRA does require notification, as soon as reasonably practicable, after their appointment. 10

11 MANAGEMENT RESPONSIBILITIES MAP (MRM) Governance Maps are to be renamed Management Responsibilities Maps (MRMs) and managing agents will need to update their maps to reflect the aforementioned changes. MRMs are required to set out management and governance arrangements in an accessible, clear and comprehensive way. The MRM must include items such as: a list of the key functions, business areas and management functions of the firm; the names of the Senior Managers, KFHs and other persons who effectively run the firm along with a summary of their responsibilities including any prescribed responsibilities; the rationale for any shared or divided responsibilities and details of how each of the individuals are to carry out those responsibilities in practice; reporting lines and lines of responsibility within the firm (and group, where applicable) for each named person; where a firm is a member of a group how the firm s management and governance arrangements interact with the group and the extent to which those arrangements are provided by or shared with other members of the group; and matters reserved for the board including the terms of reference of its committees. The MRM should be made available to the PRA/FCA on request and must be submitted alongside any application for approval or in the event of a significant change. Each previous version of the MRM must be retained for a period of 10 years. The PRA sets out its expectations for MRMs in Supervisory Statement 35/15 and the FCA in CP17/26. 11

12 CERTIFICATION REGIME NEW The Certification Regime is a new FSMA requirement and is one of the biggest changes for managing agents compared to the current SIMR and revised APR. It will apply to employees who are not Senior Managers (or NEDs) but whose roles could allow them to cause significant harm to the firm or its customers. The regime will come into force 12 months after implementation of the SMR (i.e. 10 December 2019). However, as all affected individuals will need to have been certified by that date, managing agents will need to start the process earlier, and consideration should be given to integrating it into the 2018/19 appraisal process. A managing agent will be required to issue certificates each year to individual employees in such roles, to show that the managing agent is satisfied that the individual is fit and proper to perform that role, or, where a certificate is not provided, what steps the firm proposes to take in relation to the person as a result of the decision. Firms must then keep a record of all such valid certificates. Our understanding is that certificates need not be physical. Electronic ( ) certificates will be acceptable. In addition, it is proposed that these individuals will be subject to the relevant conduct rules and standards, and that firms would be required to obtain regulatory references before appointment. Refer to the relevant sections below for further details. CERTIFICATION FUNCTIONS FSMA defines a Certification Function as one that: requires the person performing it to be involved in one or more aspects of the firm's affairs, so far as relating to a regulated activity, and those aspects involve, or might involve, a risk of significant harm to the firm or any of its customers. PRA Certification Function The PRA has proposed the following criteria that it considers meets the FSMA definition: PRA Certification Function Description Key Functions Holders (KFHs) Any person who is responsible for discharging a key function (a function which is of specific importance to the sound and prudent management of the firm). Excludes those also performing PRA SMF or relevant FCA SMF. Material Risk Takers (MRTs) in Large Firms Unlikely to apply to the majority of managing agents Employees in large firms whose activities have a material impact on the firm s risk profile i.e. material risk-takers (MRTs). These MRTs are defined in a similar way as the Solvency II remuneration requirements, and could therefore be identified by managing agents in accordance with the expectations set out in Supervisory Statement SS10/16. 12

13 FCA Certification Function The FCA has proposed a list of roles that it considers to be certification functions and those most likely to apply to managing agents are listed below: FCA Certification Function Description Significant Management Function (previously CF29) These individuals perform functions that would have been Significant Influence Functions under APR i.e. they have significant responsibility for a significant business unit. They are individuals below Senior Managers who are responsible for business units that, on account of their size, nature or impact, are considered significant by the firm. Material Risk Takers (MRTs) MRTs within all SII firms are in scope under the FCA s rules. For managing agents, MRTs are those individuals that already need to be identified under Solvency II regulations on remuneration (those individuals whose professional activities have a material impact on the firm s risk profile). Supervisors or Managers of Certified Persons The function of managing or supervising a certification employee, directly or indirectly, unless undertaken by a Senior Manager. It is important to note the difference in approach between the PRA and FCA regarding MRTs. The FCA s application is wider than the PRA s - MRTs within all SII firms are in scope under the FCA s rules, while only those within large SII insurers and large NDFs are in scope under the PRA s rules. This is a deliberate distinction and reflects the different statutory objectives of the two regulators. However, with respect to the scope of application to individuals, the FCA has confirmed that it is not looking beyond those who are subject to the SII remuneration requirements. In respect of both the PRA and FCA, any individual whose appointment is solely to cover the absence of an employee in a certification function whose absence is reasonably unforeseen, and is for less than four weeks, would be excluded. Certification Managing agents will be required to assess whether an employee is fit and proper to perform all aspects of the certification function(s) and issue a valid certificate prior to them undertaking the role and, thereafter, on an annual basis. There is no specific format for the certificate. However, it must only be valid for a period of up to 12 months and state that the managing agent is satisfied that the person is a fit and proper person to perform the function(s) as described in the certificate. A full audit trail must be maintained. Managing agents should refer to section 63E (Certification of employees by Authorised Persons) and section 63F (Issuing of certificates) of FSMA in addition to the PRA Rulebook Insurance Certification, Insurance Fitness and Propriety and the FCA FIT Handbook for further details. 13

14 STANDARDS OF CONDUCT Certain individuals are required to observe specific PRA and FCA standards of conduct. Firms are required to take all reasonable steps to ensure those individuals are aware of this requirement and that they understand how these standards apply to them, including through the provision of suitable training. PRA CONDUCT STANDARDS The PRA proposes to extend the application of the Individual Conduct Standards to those performing certification functions and those performing Senior Manager Functions on a temporary basis. Individual Conduct Standards PRA Application 1. Acting with integrity Persons performing key functions 2. Acting with due skill, care and diligence 3. Be open and co-operative with the FCA, the PRA and other regulators Senior Manager Conduct Standards 1. Take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively 2. Take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system 3. Take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively 4. Disclose appropriately any information of which the FCA or the PRA would reasonably expect notice 5. When exercising your responsibilities, you must pay due regard to the interests of current and potential future policyholders in ensuring the provision by the firm of an appropriate degree of protection for their insured benefits Certification functions Key function holders (including Notified NEDs) PRA SMF or FCA Relevant SMF [including temporary appointments (not approved)] PRA Application PRA SMF or FCA relevant SMF Key function holder (excluding notified NEDs) PRA SMF or FCA relevant SMF Key function holders (including notified NEDs) The PRA expects the conduct standards to only relate to the activities of the firm or group for which they are working and that they are set out in Senior Manager s/kfh s job descriptions or conditions of engagement and for those performing other applicable functions in a staff manual or similar. The PRA sets out its overall expectations on the application of conducts standards in Supervisory Statement 35/15 and the PRA Rulebook Insurance Conduct Standards Rulebook. 14

15 FCA CONDUCT RULES The FCA proposes to make significant changes to the type of persons required to adhere to the Conduct Rules. Individual Conduct Rules All employees (including NEDs but excluding ancillary staff) will be required to adhere to the Individual Conduct Rules. Senior Manager Conduct Rules - Senior Managers will be required to comply with the Senior Manager Conduct Rules. In addition, notified NEDs (i.e. those NEDs which are not approved) will be required to meet rule number 4. They also propose that these conduct rules will be in respect of both regulated and unregulated financial services activities. Individual Conduct Rules FCA Application 1. Acting with integrity Senior Managers [including temporary 2. Acting with due skill, care and diligence 3. Be open and co-operative with the FCA, the PRA and other regulators 4. Pay due regard to the interests of customers and treat them fairly 5. Observe proper standards of market conduct appointments (not approved)] Certified Persons (including under 4 weeks) Notified NEDs All other staff, except ancillary staff Senior Manager Conduct Rules 1. Take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively 2. Take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system 3. Take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively 4. Disclose appropriately any information of which the FCA or the PRA would reasonably expect notice FCA Application Senior Managers (including temp/nonapproved) Senior Managers [including temporary appointments (not approved)] Notified NEDs Refer to FCA Sourcebook COCON for further details NOTIFICATION REQUIREMENTS NEW FSMA also requires firms to notify the PRA/FCA when disciplinary action has been taken against a person. This new notification requirement will not change or remove managing agents obligations to report concerns about an individual s conduct under the existing rules and principles. Managing agents should consider whether reference to such requirements should be made in employee handbooks. 15

16 PRA Requirements The PRA will require notification as soon as possible where the disciplinary action relates to any action, failure to act, or circumstance that amounts to a breach of any Conduct Standard. If a managing agent reports a breach of a Conduct Standard, and subsequently takes disciplinary action against the person for matters relating to the breach, the managing agent should make a separate notification to the PRA of the disciplinary action. The PRA sets out its expectations in Supervisory Statement 35/15 and the PRA Rulebook: Conduct Rules Notifications. FCA Requirements The FCA also proposes to require notification of disciplinary action only when that action was due to a breach of the Conduct Rules. For Senior Managers, it is proposed that firms notify the FCA of this information within seven business days of the firm becoming aware of the matter. For other staff, it is proposed the notification is made once a year. Refer to FCA Sourcebook SUP 15 for further details. FITNESS AND PROPRIETY A firm must ensure that persons who perform specific functions are at all times fit and proper. It is proposed that the fit and proper requirements will now apply to all Senior Managers, KFHs and Notified NEDs and extend out to also apply to those performing Certification Functions. Firms are required to give consideration to the following when assessing an individual s fitness and propriety: Initial Assessment Personal characteristics (good repute, integrity, financial soundness etc.) In addition, for SMF or Notified NED roles a firm is required, with prior consent, to obtain and have regard to: UK Criminal Record Check - the fullest information that it is lawfully able to request under Police Act 1997 (DBS or equivalent checks) Overseas Criminal Record Check - the fullest information that it is lawfully able to request under applicable overseas legislation (previous 5 years) References / Regulatory references (appropriate references from previous employers covering the past 6 years) Level of competence, knowledge and experience Qualifications Training (required and/or undertaken) Initial and On-Going Assessment Past conduct and performance Compliance with Conduct Standards/Rules 16

17 Regulatory references Managing agents are required to obtain and also provide regulatory references for certain individuals which forms part of the fit and proper assessment. The regulatory reference requirements will now apply to those performing certification functions as well as Senior Managers and Notified NEDs. There is a standard template in which to disclose certain mandatory information covering the previous six years to include details of disciplinary action, any findings that the individual was not fit and proper and any other information relevant to such an assessment. In respect of serious misconduct, there is no time limit and managing agents will need to use their judgement when considering what is relevant in each individual case. Any new and significant information which comes to light following the issue of a regulatory reference will also need to be provided. Further details can be found in PRA Rulebook Insurance - Fitness and Propriety and FCA Sourcebook SYSC

18 Up to commencement FCA Transition From APR If someone is currently approved by the FCA for their role, and the equivalent role exists in the SMR, they will not need to apply for re-approval. However, firms will need to submit a Form K conversion notification, Statements of Responsibilities and a Responsibilities Map, to convert existing approved individuals to new Senior Management Functions. Firms should submit an updated Form K where the information submitted changes. To maximise the transition period available to firms, the FCA has proposed that the cut-off date for Form K conversion notifications will be one week before the start of the new regime. Managing agents should submit the relevant forms/documentation for the approval of individuals who will perform SIMF24/SMF6, from Monday 10 December Failure to do so may mean problems converting the firm s individuals. Following Commencement Managing agents will be required to check the updated Financial Services Register after the start of the new regime to ensure that they hold the correct approvals. Other Conduct Rules staff Other Conduct Rules staff are those who are subject to the Conduct Rules in COCON, but who do not hold a Senior Management Function or a Certification Function. The FCA proposes giving firms 12 months from Commencement to get ready to apply the Conduct Rules to their Other Conduct Rules Staff the same as they did for banking. 18

19 APPENDIX 1 PRA Documents Policy Statement 15/18 Strengthening individual accountability in insurance: Extension of the Senior Managers and Certification Regime to insurers Policy Statement PS1/18 Strengthening individual accountability in insurance: optimisations to the SIMR - February 2018 Supervisory Statement SS35/15 Strengthening individual accountability in insurance - February 2018 Consultation Paper CP28/17 Strengthening accountability: implementing the extension of the SM&CR to insurers and other amendments - December 2017 Consultation Paper CP14/17 Strengthening individual accountability in insurance: extension of Senior Managers & Certification Regime to insurers - July 2017 Consultation Paper I CP8/17 Strengthening accountability in banking and insurance: optimisations to the SIMR, and changes to SMR forms PRA Rulebook FCA Documents SM&CR Guide for insurers Policy Statement PS18/15 Extending the Senior Managers & Certification Regime to insurers Feedback to CP17/26 and CP17/41 and near-final rules July 2018 Consultation Paper CP17/41 Individual Accountability: Transitioning insurers and individuals to the Senior Managers & Certification Regime - December 2017 Consultation Paper CP17/25 Individual Accountability: Extending the Senior Managers & Certification Regime to all FCA firms July 2017 Consultation Paper CP17/26 Individual Accountability: Extending the Senior Managers & Certification Regime to insurers - July 2017 FCA Handbook 19

20 APPENDIX 2 FCA MAPPING The table below shows the proposed mapping of current approved persons in controlled functions to the FCA Senior Management Functions. Current controlled function Possible corresponding FCA Senior Management Function(s) SMF3 Executive Director CF1 Director CF2a Chair of the Nominations Committee CF2b Chair of the With-Profits Committee CF5 Director of Unincorporated Association CF6 Small Friendly Society Function CF10 Compliance Oversight CF10a CASS Operational Oversight Function CF11 Money Laundering Reporting Officer (MLRO) CF28 Systems and Controls Function CF51 Actuarial Conduct Function CF29 Significant Management Function SMF27 Partner SMF23b Conduct Risk Oversight Officer SMF13 Chair of the Nominations Committee SMF15 Chair of the With-Profits Committee SMF3 Executive Director SMF3 Executive Director SMF16 Compliance Oversight SMF18 Other Overall Responsibility SMF17 Money Laundering Reporting Officer (MLRO) SMF22 Other Local Responsibility Function N/A SMF18 Other Overall Responsibility SMF21 EEA Branch Senior Manager Function SMF22 Other Local Responsibility Function 20

21 APPENDIX 3 SUMMARIES Application Summary Role Fit and proper assessment by regulator Fit and proper assessment by firm Conduct standards apply directly to individuals Conduct standards applied by firm Regulatory references Required DBS checks PRA S(I)MF or FCA Relevant SMF Notified NED KFH (other than a notified NED ) Certification function (other than a KFH) Performing a key function Other employees (excluding ancillary staff) Preapproval Yes, post appointment Yes, post appointment X All All See Note 2 See Note 2 All Individual conduct rules only X X X Firms decision All Individual conduct standards only Individual conduct standards only X X X X X X This table shows how the various constituent elements of the SM&CR for insurers will be applied to the different categories of individual within each firm. Notes 1) Individuals who hold multiple roles in the table above must comply with the requirements consistent with their highest level role. 2) For Notified NEDs, including Conduct Rules NEDs, the conduct standards to be applied by the firm would be the three individual conduct standards, plus the additional senior (insurance) manager standards requiring proactive disclosure of information by individuals to the PRA and FCA, and having regard to the interests of policyholders. For Conduct Rules NEDs, these same conduct standards will also apply directly to the individuals as conduct rules. 21

22 To Do Lists What firms need to do under the Senior Managers Regime If a person will be performing a Senior Manager Function, the firm will need to: Satisfy themselves that the candidate is fit and proper to perform the relevant function. Work out whether there is an overlap with a PRA SMF and if not, apply for the person to be approved by the FCA before they start their role. If there is an overlap, then firms don t need to seek separate approval from the FCA. They will just require PRA s approval. Send the FCA a Statement of Responsibilities and Responsibilities Map (if applicable) with each application for approval. After a Senior Manager has been approved, the firm will need to: Update Statements of Responsibilities and Responsibilities Maps and resubmit the Statements of Responsibilities to us whenever there is a significant change to a Senior Manager s responsibilities. Assess that their Senior Managers are fit and proper to carry out their role at least once a year. Also, firms will need to make sure they have appropriately allocated all of the relevant Prescribed Responsibilities and Overall Responsibility (where applicable) to their Senior Managers. What Senior Managers need to do Any person who is a Senior Manager will have a duty of responsibility. Senior Managers must ensure that their Statements of Responsibilities are accurate and up to date. There are also Conduct Rules that apply to Senior Managers. What firms need to do under the Certification Regime The Certification Regime will make firms more responsible for assessing that their staff are fit and proper to carry out Certification Functions. FCA approval is not required for anyone who performs a Certification Function. Firms will need to: Identify employees who perform a Certification Function. Assess whether those employees are fit and proper to perform their role. Firms need to do this assessment at the point of recruitment (or before a person performs a Certification Function) and on an ongoing, annual basis. Issue a certificate to the employee if the firm is satisfied that they are fit and proper to perform that Certification function. Set out what aspect of the firm s affairs the person will be involved in as part of performing their function. If the firm completes a fit and proper assessment and then decides not to issue a certificate to someone, the firm must give the person a notice in writing setting out what steps (if any) the firm proposes to take in relation to the person as a result of the decision. What firms need to do under the Conduct Rules Provide staff training. Notifying the FCA when disciplinary action is taken because of a breach of the Conduct Rules. Allocate the Prescribed Responsibility for the firm s obligations for Conduct Rules notifications and training. 22

23 What will individuals need to do Where the Conduct Rules apply, relevant individuals need to be aware of and comply with the rules as part of their role. Which forms to submit The table below summarises the forms required in different scenarios. Scenario Convert approved individuals to mapped Senior Management Functions An approved individual is not to be converted to the corresponding Senior Management Function (e.g. where they have resigned) An approved individual is going to give up an existing controlled function that will lapse at the start of the new regime and take up a new corresponding controlled function, with intention that they will be converted to a relevant Senior Management Function. For example, an individual moving from the CF29 Customer Function to the CF1 Director function in order to hold the SMF3 Executive Director function under the new regime. An approved individual is going to give up an existing controlled function that will lapse at the start of the new regime and take up a new Senior Management Function after Commencement. Seeking approval for a new individual with immediate effect, with the intention that they will be converted to a relevant Senior Management Function after Action Form K Conversion Notification Statements of Responsibilities Include the individual on the firm s Responsibilities Map Do not include the individual on Form K Conversion Notification or Responsibilities Map No SOR required If the individual leaves the role before the start of the new regime then a Form C should be submitted Submit the existing APR Form E Include the individual on Form K Submit a Statement of Responsibilities Include the individual on the firm s Responsibilities Map Submit the new SM&CR Form A Submit a Statement of Responsibilities Include the individual on the firm s Responsibilities Map Submit the existing APR Form A Include the individual on Form K Summary: solvency II firms and large NDFs will need to submit a conversion notification (Form K), Statements of Responsibilities (SOR) for their proposed SMFs, and a Responsibilities Map. Additional forms may be needed where other applications are also made. Possible scenarios are outline below. 23

24 CONTACT US Steve Morrell Head of Regulatory Affairs Company Secretary Tel: